<?php include('config.php') ?>
<?php
session_start();

$tbl_name="user";
$response = '0';

if(isset($_GET['username'])&&isset($_GET['password'])) {
    $username=$_GET['username'];
    $password=sha1($_GET['password']);
    $username = stripslashes($username);
    $password = stripslashes($password);

    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);

    $sql="SELECT * FROM $tbl_name WHERE email='$username' and password='$password'";
    $result=mysql_query($sql);

    $count=mysql_num_rows($result);

    if ($count > 0) {    //successful login
        $row = mysql_fetch_array($result);
        $_SESSION['is_logged_in']=1;
        $_SESSION['user_ID']=$row['ID'];
        $_SESSION['user_type']=$row['user_type_ID'];
        $_SESSION['username']=$row['fName'].' '.$row['lName'];
        $response='1';
    }
    ob_end_flush();
}
echo $response;
?>
